planka/server/api/controllers/comment-actions/delete.js

const Errors = {
  NOT_ENOUGH_RIGHTS: {
    notEnoughRights: 'Not enough rights',
  },
  COMMENT_ACTION_NOT_FOUND: {
    commentActionNotFound: 'Comment action not found',
  },
};

module.exports = {
  inputs: {
    id: {
      type: 'string',
      regex: /^[0-9]+$/,
      required: true,
    },
  },

  exits: {
    notEnoughRights: {
      responseType: 'forbidden',
    },
    commentActionNotFound: {
      responseType: 'notFound',
    },
  },

  async fn(inputs) {
    const { currentUser } = this.req;

    const path = await sails.helpers.actions
      .getProjectPath({
        id: inputs.id,
        type: Action.Types.COMMENT_CARD,
      })
      .intercept('pathNotFound', () => Errors.COMMENT_ACTION_NOT_FOUND);

    let { action } = path;
    const { board, project } = path;

    const isProjectManager = await sails.helpers.users.isProjectManager(currentUser.id, project.id);

    if (!isProjectManager) {
      if (action.userId !== currentUser.id) {
        throw Errors.COMMENT_ACTION_NOT_FOUND; // Forbidden
      }

      const boardMembership = await BoardMembership.findOne({
        boardId: board.id,
        userId: currentUser.id,
      });

      if (!boardMembership) {
        throw Errors.COMMENT_ACTION_NOT_FOUND; // Forbidden
      }

      if (boardMembership.role !== BoardMembership.Roles.EDITOR && !boardMembership.canComment) {
        throw Errors.NOT_ENOUGH_RIGHTS;
      }
    }

    action = await sails.helpers.actions.deleteOne.with({
      board,
      record: action,
      request: this.req,
    });

    if (!action) {
      throw Errors.COMMENT_ACTION_NOT_FOUND;
    }

    return {
      item: action,
    };
  },
};
Initial commit 2019-08-31 04:07:25 +05:00			`const Errors = {`
feat: Permissions for board members Closes #262 2022-08-19 14:00:40 +02:00			`NOT_ENOUGH_RIGHTS: {`
			`notEnoughRights: 'Not enough rights',`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`COMMENT_ACTION_NOT_FOUND: {`
Add username to user 2020-04-03 00:35:25 +05:00			`commentActionNotFound: 'Comment action not found',`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`};`

			`module.exports = {`
			`inputs: {`
			`id: {`
Change id generation algorithm, display notifications total on the main page 2019-10-10 02:51:54 +05:00			`type: 'string',`
			`regex: /^[0-9]+$/,`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`required: true,`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`},`

			`exits: {`
feat: Permissions for board members Closes #262 2022-08-19 14:00:40 +02:00			`notEnoughRights: {`
			`responseType: 'forbidden',`
			`},`
Add username to user 2020-04-03 00:35:25 +05:00			`commentActionNotFound: {`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`responseType: 'notFound',`
			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`},`

Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`async fn(inputs) {`
Initial commit 2019-08-31 04:07:25 +05:00			`const { currentUser } = this.req;`

Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`const path = await sails.helpers.actions`
			`.getProjectPath({`
			`id: inputs.id,`
			`type: Action.Types.COMMENT_CARD,`
			`})`
			`.intercept('pathNotFound', () => Errors.COMMENT_ACTION_NOT_FOUND);`
Initial commit 2019-08-31 04:07:25 +05:00
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`let { action } = path;`
			`const { board, project } = path;`
Initial commit 2019-08-31 04:07:25 +05:00
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`const isProjectManager = await sails.helpers.users.isProjectManager(currentUser.id, project.id);`
Initial commit 2019-08-31 04:07:25 +05:00
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`if (!isProjectManager) {`
			`if (action.userId !== currentUser.id) {`
			`throw Errors.COMMENT_ACTION_NOT_FOUND; // Forbidden`
			`}`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00
feat: Permissions for board members Closes #262 2022-08-19 14:00:40 +02:00			`const boardMembership = await BoardMembership.findOne({`
			`boardId: board.id,`
			`userId: currentUser.id,`
			`});`
Initial commit 2019-08-31 04:07:25 +05:00
feat: Permissions for board members Closes #262 2022-08-19 14:00:40 +02:00			`if (!boardMembership) {`
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`throw Errors.COMMENT_ACTION_NOT_FOUND; // Forbidden`
			`}`
feat: Permissions for board members Closes #262 2022-08-19 14:00:40 +02:00
			`if (boardMembership.role !== BoardMembership.Roles.EDITOR && !boardMembership.canComment) {`
			`throw Errors.NOT_ENOUGH_RIGHTS;`
			`}`
Initial commit 2019-08-31 04:07:25 +05:00			`}`

ref: Remove board types, refactoring 2022-12-26 21:10:50 +01:00			`action = await sails.helpers.actions.deleteOne.with({`
			`board,`
			`record: action,`
			`request: this.req,`
			`});`
Initial commit 2019-08-31 04:07:25 +05:00
			`if (!action) {`
			`throw Errors.COMMENT_ACTION_NOT_FOUND;`
			`}`

Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`return {`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`item: action,`
Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00			`};`
Code formatting with prettier, change eslint config for the server 2019-11-05 18:01:42 +05:00			`},`
Initial commit 2019-08-31 04:07:25 +05:00			`};`